Using DroneBL: An overview

DroneBL only offers public access to its data in the form of a DNSBL. A
more robust lookup feature is available for security professionals with
an RPCKey via RPC2 lookups. If you would like to propose
another format, we would enjoy your suggestions! Please ask on
IRC.

Using the DroneBL DNSBL service

The DroneBL database is exported in the format of an rbldnsd
compatible file. We then load this into various rbldnsd installations,
which are exported to the public internet via the dnsbl.dronebl.org
DNS zone.

You may use the DroneBL DNSBL service free of charge for both commercial
and non-commercial purposes. Some examples are listed below. However,
we ask that if you are using this service commercially that you contribute
to the ecosystem of the DroneBL in a positive way. There are many ways of
doing this (hosting a DNSBL mirror, working on the code, etcetera), read
the FAQ for suggestions and procedures.

How to perform a manual DNSBL lookup

Take the client's IP address--say, 192.168.42.23 -- and reverse the bytes, yielding 23.42.168.192.

Look up this name in the DNS as a domain name ("A" record).
This will return either an address, indicating that the client is
listed; or an NXDOMAIN ("No such domain") code, indicating that the client is not.

Looking up an address in a DNSBL is thus similar to looking it up in reverse-DNS.
The differences are that a DNSBL lookup uses the "A" rather than "PTR" record type,
and uses a forward domain (such as dnsbl.dronebl.org above) rather than the special
reverse domain in-addr.arpa.

charybdis 2.0 and later blacklist {}

If you add the following to your blacklist {} block, your charybdis server
will check DroneBL. As an example:

Note: In order to be able to report to DroneBL, you are required to have a RPC Key.

Change dnsbl_from to your_rpckey@your_domain.tld and set dnsbl_to to bopm-report@dronebl.org.

Postfix

You can use smtpd_recipient_restrictions to restrict access via the DroneBL. This may prove advantageous in blocking SPAM due to the
unique list of proxies and infected machines we have. To do so, add to your smtpd_recipient_restrictions:

reject_rbl_client dnsbl.dronebl.org

hosts.deny: Using DroneBL as a firewalling measure

It is now possible to use DroneBL to help reduce attacks from inbound machines by
using this script and calling it from hosts.deny: